discuss-gnustep

Re: SMDoubleSlider usability on GNUstep


From: David Chisnall
Subject: Re: SMDoubleSlider usability on GNUstep
Date: Tue, 20 Feb 2018 12:46:32 +0000

On 20 Feb 2018, at 12:33, Yavor Doganov <yavor@gnu.org> wrote:
> 
> #1  0x00007ffff77d2015 in -[NSCell doubleValue] (self=0x5555562ef7f0, 
> _cmd=<optimized out>) at NSCell.m:269
> #2  0x00007ffff778362a in -[NSActionCell doubleValue] (self=0x5555562ef7f0, 
> _cmd=<optimized out>) at NSActionCell.m:187
> #3  0x000055555555bfdb in -[SMDoubleSliderCell doubleHiValue] 
> (self=0x5555562ef7f0, _cmd=<optimized out>) at SMDoubleSliderCell.m:448

Skimming the code, it looks as if their -doubleValue method calls their 
-doubleHiValue method, which calls the superclass’s -doubleValue method.  In 
GNUstep, the superclass has another call to its superclass method:

https://github.com/gnustep/libs-gui/blob/master/Source/NSActionCell.m#L187

This then checks whether the object responds to -doubleValue, and if it does, 
calls that:

https://github.com/gnustep/libs-gui/blob/master/Source/NSCell.m#L265

Unfortunately, in this case, it appears that the object value is self, so you 
get infinite recursion.

This looks like a bug elsewhere, as setting a cell’s object value to the cell 
itself is likely to cause problems.  I don’t see any calls to -setObjectValue: 
in the SMDoubleSlider code that you’ve linked to, so something else must be 
doing this.  It looks quite a bit like a use-after-free bug.

David
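
The call cycle described in this message, as an added illustration that is not part of the original post and is not GNUstep or SMDoubleSlider source. `ModelCell`, `ModelRangeCell` and the `depth` counter are hypothetical stand-ins, and the cap on `depth` exists only so the demo terminates; it assumes a Foundation implementation and an Objective-C compiler such as clang.

```objc
#import <Foundation/Foundation.h>
#include <math.h>
#include <stdio.h>

static int depth;  // demo-only counter of base-class calls

// Hypothetical stand-in for the base cell class.
@interface ModelCell : NSObject
{ id _objectValue; }
- (void) setObjectValue: (id)obj;
- (double) doubleValue;
@end

@implementation ModelCell
- (void) setObjectValue: (id)obj { _objectValue = obj; }
- (double) doubleValue
{
  if (++depth > 8) return NAN;  // demo cap; without it the stack overflows
  if ([_objectValue respondsToSelector: @selector(doubleValue)])
    return [_objectValue doubleValue];  // dynamic dispatch on the object value
  return 0.0;
}
@end

// Hypothetical stand-in for the slider cell subclass.
@interface ModelRangeCell : ModelCell
- (double) doubleHiValue;
@end

@implementation ModelRangeCell
- (double) doubleHiValue { return [super doubleValue]; }
- (double) doubleValue { return [self doubleHiValue]; }
@end

int main(void)
{
  ModelRangeCell *cell = [[ModelRangeCell alloc] init];
  NSNumber *num = [[NSNumber alloc] initWithDouble: 42.5];
  depth = 0;
  [cell setObjectValue: num];  // normal case: the value comes from NSNumber
  double v = [cell doubleValue];
  printf("NSNumber object value: %g after %d base call(s)\n", v, depth);

  depth = 0;
  [cell setObjectValue: cell];  // the state described in the message
  v = [cell doubleValue];
  printf("self as object value: %g after %d base call(s)\n", v, depth);
  return 0;
}
```

With an `NSNumber` as the object value the base method runs once; with the cell as its own object value every base call dispatches back into the subclass override, so only the demo cap stops it.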



